Labels

Sunday, 18 May 2014

BYOD

Bring
your own device (BYOD) is an IT policy where employees are allowed or
encouraged to use their personal mobile devices (i.e. Notebooks PC, Tablets
etc) to access enterprise data and systems.

Following
are the four scenarios of BYOD implementation:

²Unlimited access for personal
devices

²Access only to non-sensitive systems
and data

²Access, but with IT control over
personal devices, apps and stored data

²Access, but prevent local storage of
data on personal devices

Benefits
of BYOD

Improved
resource utilization: Nowadays enterprise computers are mostly under-utilized
due to the nature of work of different users. Introducing BYOD can address this
issue by assigning appropriate devices to the users according to their tasks
and responsibilities.

Flexibility
and Mobility: BYOD
grants users to access all business applications from anywhere which increase
their efficiency and improve organizational benefits.

Increased
productivity and innovation: Employees are more comfortable with a personal device
and become expert using it — making them more productive. Personal devices tend
to be more cutting-edge, so the enterprise benefits from the latest features.
Also users upgrade to the latest hardware more frequently.

Employee
satisfaction:
Users use the devices they have chosen and invested in — rather than what was
selected by IT. Allowing employees to use personal devices also helps them
avoid carrying multiple devices.

Cost
savings:
BYOD programs sometimes save budget by shifting costs to the user, with
employees paying for mobile devices and data services. Procuring Handheld
devices (Tablet, Net-books and Smart Phones) for users instead of Notebook PCs
and Desktop computers, can also reduce cost to some extent.

Consider
before adopting BYOD

Personal
cost:
Some employees will be unwilling to invest their own money. As mobile devices
replace company-provided laptops, certain employees will expect the
organization to pay for these new devices as well.

Enterprise
cost:
Will you have the resources to manage BYOD safely? Are you willing to set up a
private app store for maximum control? Will your service desk be able to handle
the inevitable flood of support calls?

Enterprise
control:
Multiple layer of authentication Certain job functions require access to very
sensitive data, and mobile devices are being embedded into business processes
such as manufacturing, transportation and retail transactions. In these roles,
IT needs complete control over the mobile devices and applications installed on
them.

BYOD
risks and mitigating strategies:

Stolen/Lost
devices: Sensitive
enterprise data can be comprised in case such case.

Mitigation: Prevent local
storage of data on the device and remote wipe are two methods to mitigate this
risk.

Mal-wares/Infections:
Handheld
devices are more vulnerable to mal-ware attacks as compare to IT maintained
desktops.

Mitigation: Comprehensive
security policy must be adopted to protect devices from infections.

User
authentication and system access: Static passwords, combined with the risks
of BYOD, are not enough to ensure secure remote access to sensitive business
data and systems.

Mitigation: One-time passwords
and alternate notification methods (e.g. text messages) are two ways to make
the authentication process stronger. SSL VPN also provides secure remote
connectivity without the need for software to be installed on each device.

Disclaimer: The Information, Logs, Tips & Tricks, Installation procedures and shortcuts mentioned in this site are for general information only. Please refer to original manufacturer's documentation for comprehensive information. Use theITlogs.com at your own risk.